Cloud-based User Access Management

Written by Vince Lujan on June 4, 2018


User access management (UAM), also called identity and access management (IAM), refers to the process of managing user identities and administering their access to IT resources such as systems, applications, files, and networks. Identity management is critical in any modern organization from a security and efficiency perspective, but what are the advantages of cloud-based user access management? To find out, let’s take a look at traditional UAM solutions and compare them to cloud alternatives.

Traditional User Access Management


Prior to the year 2000, most enterprise IT environments were on-prem and essentially revolved around the Microsoft® Windows® operating system (OS). In fact, it was common for all of the users, systems, applications, files, and the network itself to be Windows-based and physically tethered together on the same network. This setup encouraged IT administrators to implement Microsoft® Active Directory® (AD) at the core of their user access management infrastructure. In doing so, IT could effectively leverage a single solution to manage user access to all of the IT resources in their environment. This approach worked well for a number of years.

However, the IT landscape started to change in the mid-2000s as a number of new ideas and innovations came to market. At the forefront were macOS® and Linux® systems, web applications like Salesforce® and Google Apps (now called G Suite), and cloud infrastructure at AWS®, to name a few examples. What did all of these IT resources have in common? They were not Windows-based and, in most cases, they were not on-prem. As a result, Active Directory struggled to manage them directly.

Of course, it was this challenge that inspired the creation of a wide variety of third-party directory extension utilities such as identity bridges, web application single sign-on (SSO), privileged identity management, and more. Solutions such as these were effectively cloud-based add-ons designed to extend AD user identities to non-Windows and remote IT resources that were not natively supported. IT admins would basically layer these solutions on top of their existing on-prem identity management infrastructure to extend AD user identities throughout the network. This approach also worked well for some time.

The trouble with this approach was (and still is) that the number of add-ons required by IT organizations continues to grow as more non-Windows and cloud-based IT resources are introduced. For example, in addition to maintaining an on-prem implementation of AD, modern IT organizations will likely need an identity bridge to connect AD to macOS and Linux, an SSO solution for web applications, separate directory extensions to connect to AWS and GCP, and many more. While it is technically possible to manage the breadth of modern IT networks with this approach, the cost and complexity alone make it far from ideal.

IT admins have come to realize that it doesn’t make sense to continue patching AD for every non-Windows IT resource in their environment. As a matter of fact, many IT organizations would rather eliminate AD altogether and shift their entire on-prem identity management infrastructure to the cloud. The good news is that a next-generation cloud directory has emerged that can provide powerful user access management capabilities without needing anything on-prem. The same solution has also taken a cross-platform, vendor-neutral, protocol-driven approach to managing modern IT networks. This holistic, cloud-based user access management solution is called JumpCloud® Directory-as-a-Service®, and it’s effectively Active Directory reimagined.

User Access Management from the Cloud

JumpCloud Directory-as-a-Service is essentially the best thing to happen to directory services since Active Directory. This is because the JumpCloud platform can manage not only on-prem networks of Windows-based users and IT resources, but virtually any IT resource via a single cloud-based identity management platform. As a core identity provider, IT can leverage Directory-as-a-Service to effectively manage all of the users, systems, applications, files, and even the network itself, regardless of the platform, provider, protocol, or location and without anything on-prem. In doing so, users can leverage their core identity to gain access to all of their IT resources, admins can centralize user access management across the network, and the organization can eliminate its entire on-prem identity management infrastructure in favor of a comprehensive cloud directory alternative.

These are only a few of the advantages of cloud-based user access management with JumpCloud Directory-as-a-Service. Sign up today to discover all of the advantages of the JumpCloud platform for free. We offer 10 free users to help you explore the full functionality of our platform at no cost. Contact JumpCloud or schedule a demo to answer any questions, or check out the following whiteboard presentation to learn more about the JumpCloud story.

Vince Lujan

Vince is a writer and video specialist at JumpCloud. Originally from the horse capital of New Mexico, Corrales, he has lived in Boulder, Colorado for three years. When Vince is not developing content for JumpCloud, he can usually be found at the Boulder Creek.
